@temboplus/afloat 0.1.76-beta.0 → 0.1.77-beta.10

package/dist/lib/error/error.permission.d.ts

@@ -1,4 +1,4 @@
-import { Permission } from "@/modules/auth/permission.type.js";
+import { Permission } from "@/modules/login/permission.type.js";
 /**
  * Custom error class representing an error caused by missing required permissions.
  * Extends the built-in {@link Error} class to include the `requiredPermissions` property.

package/dist/modules/auth/auth.contract.d.ts

@@ -54,6 +54,8 @@ export declare const authContract: {
                 resetPassword: z.ZodBoolean;
             }, "strip", z.ZodTypeAny, {
                 resetPassword: boolean;
+                access: string[];
+                token: string;
                 profile: {
                     id: string;
                     displayName: string;
@@ -64,10 +66,10 @@ export declare const authContract: {
                     email?: string | null | undefined;
                     autoApprove?: boolean | null | undefined;
                 };
-                token: string;
-                access: string[];
             }, {
                 resetPassword: boolean;
+                access: string[];
+                token: string;
                 profile: {
                     id: string;
                     displayName: string;
@@ -78,8 +80,6 @@ export declare const authContract: {
                     email?: string | null | undefined;
                     autoApprove?: boolean | null | undefined;
                 };
-                token: string;
-                access: string[];
             }>;
             400: z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
         };
@@ -97,11 +97,11 @@ export declare const authContract: {
             currentPassword: z.ZodString;
             newPassword: z.ZodString;
         }, "strip", z.ZodTypeAny, {
-            currentPassword: string;
             newPassword: string;
-        }, {
             currentPassword: string;
+        }, {
             newPassword: string;
+            currentPassword: string;
         }>;
         path: "/password";
         responses: {};

package/dist/modules/auth/auth.manager.d.ts

@@ -1,4 +1,4 @@
-import { Permission } from "@/modules/auth/permission.type.js";
+import { Permission } from "@/modules/login/permission.type.js";
 import { User } from "@/modules/auth/user.model.js";
 /**
  * Clean authentication manager for client-side usage only.

package/dist/modules/auth/company-membership.model.d.ts

@@ -0,0 +1,171 @@
+import z from "zod";
+import { Profile } from "../profile/profile.model.js";
+import { Role } from "../team-member/role.model.js";
+/**
+ * Zod schema for CompanyMembership JSON serialization
+ */
+export declare const CompanyMembershipJSONSchema: z.ZodObject<{
+    companyProfile: z.ZodObject<{
+        id: z.ZodString;
+        firstName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        lastName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        displayName: z.ZodString;
+        phone: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        accountNo: z.ZodString;
+        email: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        autoApprove: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
+        version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        version: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+    }, {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+        version?: string | undefined;
+    }>;
+    role: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodString>;
+        access: z.ZodArray<z.ZodString, "many">;
+        createdAt: z.ZodString;
+        updatedAt: z.ZodString;
+        version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id: string;
+        version: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        description?: string | undefined;
+    }, {
+        name: string;
+        id: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+        description?: string | undefined;
+    }>>;
+    version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+}, "strip", z.ZodTypeAny, {
+    version: string;
+    companyProfile: {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        version: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+    };
+    role?: {
+        name: string;
+        id: string;
+        version: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        description?: string | undefined;
+    } | undefined;
+}, {
+    companyProfile: {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+        version?: string | undefined;
+    };
+    version?: string | undefined;
+    role?: {
+        name: string;
+        id: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+        description?: string | undefined;
+    } | undefined;
+}>;
+export type CompanyMembershipJSON = z.infer<typeof CompanyMembershipJSONSchema>;
+export type CompanyMembershipData = {
+    companyProfile: Profile;
+    role?: Role;
+};
+/**
+ * Represents a user's membership within a company.
+ *
+ * This class encapsulates the relationship between a user and their company:
+ * - The company profile the user belongs to
+ * - The user's role within that company (optional - depends on permissions)
+ *
+ * Note: Permissions are stored in LogIn.access, not here.
+ * This model focuses purely on the company-user relationship.
+ *
+ * The role may be undefined if the user doesn't have permission to view
+ * role details (Permissions.Role.ViewRole).
+ */
+export declare class CompanyMembership {
+    private readonly _companyProfile;
+    private readonly _role?;
+    private constructor();
+    /**
+     * Creates a CompanyMembership instance from the required data.
+     *
+     * @param data - The membership data
+     * @returns A new CompanyMembership instance, or undefined if invalid
+     *
+     * @example
+     * ```typescript
+     * const membership = CompanyMembership.from({
+     *   companyProfile: profile,
+     *   role: role // optional
+     * });
+     * ```
+     */
+    static from(data: CompanyMembershipData): CompanyMembership | undefined;
+    /**
+     * Gets the company profile.
+     */
+    get companyProfile(): Profile;
+    /**
+     * Gets the user's role (may be undefined if user lacks permission to view it).
+     */
+    get role(): Role | undefined;
+    /**
+    * Serializes the CompanyMembership instance to a JSON-compatible object
+    */
+    toJSON(): CompanyMembershipJSON;
+    /**
+     * Serializes the CompanyMembership instance to a JSON string
+     */
+    toJSONString(): string;
+    /**
+     * Creates a CompanyMembership instance from a JSON-compatible object or string
+     */
+    static fromJSON(json: CompanyMembershipJSON | string): CompanyMembership | undefined;
+    /**
+     * Type guard using Zod schema validation
+     */
+    static isCompanyMembershipJSON(obj: unknown): obj is CompanyMembershipJSON;
+}

package/dist/modules/auth/index.d.ts

@@ -1,4 +1,4 @@
 export * from "./auth.manager.js";
 export * from "./auth.repository.js";
-export * from "./permission.type.js";
 export * from "./user.model.js";
+export * from "./company-membership.model.js";

package/dist/modules/auth/user.model.d.ts

@@ -1,66 +1,363 @@
-import { Permission } from "./permission.type.js";
+import { Permission } from "../login/permission.type.js";
 import { Profile } from "../profile/profile.model.js";
+import { LogIn } from "../login/login.model.js";
+import { CompanyMembership } from "./company-membership.model.js";
+import { Role } from "../team-member/role.model.js";
+import z from "zod";
 /**
- * Represents a user in Afloat.
+ * Zod schema for User JSON serialization
+ * Composes the schemas from nested objects
+ */
+export declare const UserJSONSchema: z.ZodObject<{
+    logIn: z.ZodObject<{
+        id: z.ZodString;
+        profileId: z.ZodString;
+        name: z.ZodString;
+        identity: z.ZodString;
+        type: z.ZodString;
+        roleId: z.ZodString;
+        isActive: z.ZodBoolean;
+        isArchived: z.ZodBoolean;
+        resetPassword: z.ZodBoolean;
+        createdAt: z.ZodString;
+        updatedAt: z.ZodString;
+        access: z.ZodArray<z.ZodString, "many">;
+        version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        type: string;
+        name: string;
+        id: string;
+        version: string;
+        profileId: string;
+        identity: string;
+        roleId: string;
+        isActive: boolean;
+        isArchived: boolean;
+        resetPassword: boolean;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+    }, {
+        type: string;
+        name: string;
+        id: string;
+        profileId: string;
+        identity: string;
+        roleId: string;
+        isActive: boolean;
+        isArchived: boolean;
+        resetPassword: boolean;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+    }>;
+    companyProfile: z.ZodObject<{
+        id: z.ZodString;
+        firstName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        lastName: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        displayName: z.ZodString;
+        phone: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        accountNo: z.ZodString;
+        email: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        autoApprove: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
+        version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        version: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+    }, {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+        version?: string | undefined;
+    }>;
+    role: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodString>;
+        access: z.ZodArray<z.ZodString, "many">;
+        createdAt: z.ZodString;
+        updatedAt: z.ZodString;
+        version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id: string;
+        version: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        description?: string | undefined;
+    }, {
+        name: string;
+        id: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+        description?: string | undefined;
+    }>>;
+    token: z.ZodString;
+    version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+}, "strip", z.ZodTypeAny, {
+    version: string;
+    companyProfile: {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        version: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+    };
+    logIn: {
+        type: string;
+        name: string;
+        id: string;
+        version: string;
+        profileId: string;
+        identity: string;
+        roleId: string;
+        isActive: boolean;
+        isArchived: boolean;
+        resetPassword: boolean;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+    };
+    token: string;
+    role?: {
+        name: string;
+        id: string;
+        version: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        description?: string | undefined;
+    } | undefined;
+}, {
+    companyProfile: {
+        id: string;
+        displayName: string;
+        accountNo: string;
+        firstName?: string | null | undefined;
+        lastName?: string | null | undefined;
+        phone?: string | null | undefined;
+        email?: string | null | undefined;
+        autoApprove?: boolean | null | undefined;
+        version?: string | undefined;
+    };
+    logIn: {
+        type: string;
+        name: string;
+        id: string;
+        profileId: string;
+        identity: string;
+        roleId: string;
+        isActive: boolean;
+        isArchived: boolean;
+        resetPassword: boolean;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+    };
+    token: string;
+    version?: string | undefined;
+    role?: {
+        name: string;
+        id: string;
+        createdAt: string;
+        updatedAt: string;
+        access: string[];
+        version?: string | undefined;
+        description?: string | undefined;
+    } | undefined;
+}>;
+/**
+ * Infer the UserJSON type from the schema
+ */
+export type UserJSON = z.infer<typeof UserJSONSchema>;
+export type UserData = {
+    logIn: LogIn;
+    companyProfile: Profile;
+    role?: Role;
+    token: string;
+};
+/**
+ * Represents the currently authenticated user session.
+ *
+ * This class combines:
+ * - LogIn: User account data (identity, permissions, resetPassword, etc.)
+ * - CompanyMembership: User's relationship to their company (company profile + role)
+ * - Token: Session authentication token
+ *
+ * The User represents "who is logged in right now" with their full context.
  *
- * This class centralizes user-related logic, simplifying interaction
- * with user-related data and ensuring consistent access checks across the application.
+ * Note: The role in CompanyMembership may be undefined if the user doesn't have
+ * permission to view role details (Permissions.Role.ViewRole).
  */
 export declare class User {
+    private readonly _logIn;
+    private readonly _membership;
+    private readonly _token;
+    private readonly _permissionMap;
+    private constructor();
     /**
-     * Logged-in user name.
+     * Creates a User instance from the provided data.
+     *
+     * @param data - User session data
+     * @returns A new User instance, or undefined if data is invalid
+     *
+     * @example
+     * ```typescript
+     * const user = User.from({
+     *   logIn: logIn,
+     *   companyProfile: profile,
+     *   role: role, // optional
+     *   token: "auth-token"
+     * });
+     * ```
      */
-    name: string;
+    static from(data: UserData): User | undefined;
     /**
-     * Logged-in identity: phone number or email address.
+     * Gets the user's login data.
      */
-    identity: string;
+    get logIn(): LogIn;
     /**
-     * The user's Afloat profile.
+     * Gets the user's company membership (includes company profile and role).
      */
-    profile: Profile;
+    get membership(): CompanyMembership;
     /**
-     * The user's authentication token.
+     * Gets the user's authentication token.
      */
-    token: string;
+    get token(): string;
     /**
-     * Indicates whether the user must change their default password.
+     * Convenience getter for the user's ID.
      */
-    resetPassword: boolean;
+    get id(): string;
     /**
-     * A list of granted access keys (permissions).
+     * Convenience getter for the user's name.
      */
-    access: Permission[];
+    get name(): string;
     /**
-     * A map of access keys to boolean values for fast permission checks.
+     * Convenience getter for the user's identity (email).
      */
-    private accessMap;
+    get identity(): string;
     /**
-     * Creates a new `User` instance.
+     * Convenience getter for the user's role ID.
      */
-    private constructor();
+    get roleId(): string;
+    /**
+     * Convenience getter for whether the user must reset their password.
+     */
+    get resetPassword(): boolean;
+    /**
+     * Convenience getter for the company profile.
+     */
+    get profile(): Profile;
     /**
-     * Checks if the user has a specific access permission.
+     * Convenience getter for the user's role (may be undefined).
+     */
+    get role(): Role | undefined;
+    /**
+     * Convenience getter for permissions array.
+     */
+    get access(): ReadonlyArray<string>;
+    /**
+     * Checks if the user has a specific permission.
+     *
+     * @param permission - The permission to check
+     * @returns true if the user has the permission
+     */
+    can(permission: Permission): boolean;
+    /**
+     * Checks if the user has any of the specified permissions.
+     *
+     * @param permissions - Array of permissions to check
+     * @returns true if the user has at least one permission
+     */
+    canAny(permissions: Permission[]): boolean;
+    /**
+     * Checks if the user has all of the specified permissions.
      *
-     * @param key - The access key to check.
-     * @returns `true` if the user has the specified access, otherwise `false`.
+     * @param permissions - Array of permissions to check
+     * @returns true if the user has all permissions
+     */
+    canAll(permissions: Permission[]): boolean;
+    /**
+     * Checks if the user can manage team members.
      */
-    can(key: Permission): boolean;
+    canManageTeam(): boolean;
     /**
-     * Returns a plain object representation of the user.
-     * This can safely be embedded in a JWT payload.
+     * Checks if the user can view role details.
      */
-    toObject(): Record<string, any>;
+    canViewRoles(): boolean;
     /**
-     * Serializes the `User` instance to a JSON string.
+   * Serializes the User instance to a JSON-compatible object
+   *
+   * This method creates a complete snapshot of the user session including
+   * all nested objects (LogIn, Profile, Role). All data can be reconstructed
+   * from this JSON representation without needing backend calls.
+   *
+   * @returns {UserJSON} A plain object containing all necessary User data
+   *
+   * @example
+   * ```typescript
+   * const user = User.from({ ... });
+   * const json = user.toJSON();
+   * // Store in localStorage
+   * localStorage.setItem('currentUser', JSON.stringify(json));
+   * ```
+   */
+    toJSON(): UserJSON;
+    /**
+     * Serializes the User instance to a JSON string
+     *
+     * @returns {string} JSON string representation of the User
      */
-    toJSON(): string;
+    toJSONString(): string;
     /**
-     * Creates a new `User` instance from a JSON string.
+     * Creates a User instance from a JSON-compatible object or string
+     *
+     * This static method reconstructs a complete User instance from data that was
+     * previously serialized using toJSON(). It validates the input data and
+     * ensures all nested objects (LogIn, Profile, Role) are properly reconstructed.
+     *
+     * @param {UserJSON | string} json - Either a UserJSON object or a JSON string
+     * @returns {User | undefined} A User instance if valid, undefined otherwise
+     *
+     * @example
+     * ```typescript
+     * // From localStorage
+     * const stored = localStorage.getItem('currentUser');
+     * const user = User.fromJSON(stored!);
+     *
+     * // From object
+     * const userJson = {
+     *   logIn: { id: "...", ... },
+     *   companyProfile: { id: "...", ... },
+     *   token: "..."
+     * };
+     * const user = User.fromJSON(userJson);
+     * ```
      */
-    static fromJSON(jsonString: string): User | undefined;
+    static fromJSON(json: UserJSON | string): User | undefined;
     /**
-     * Creates a new `User` instance from a plain object.
+     * Type guard using Zod schema validation
      */
-    static from(data: any): User | undefined;
+    static isUserJSON(obj: unknown): obj is UserJSON;
 }